From f4d7646f1d69122a3f49925119a92834c20a1aee Mon Sep 17 00:00:00 2001
From: "Sam James (sam_c)"
Date: Sun, 15 Mar 2020 18:21:54 +0000
Subject: [PATCH] dev-util/bsdiff: Fix CVE-2014-9862

Includes a patch from ChromiumOS.

Bug: https://bugs.gentoo.org/701848
Signed-off-by: Sam James (sam_c)
Closes: https://github.com/gentoo/gentoo/pull/14970
Signed-off-by: Thomas Deutschmann
---
dev-util/bsdiff/bsdiff-4.3-r4.ebuild | 35 +++++++++++++++++++
.../files/bsdiff-4.3-CVE-2014-9862.patch | 15 ++++++++
2 files changed, 50 insertions(+)
create mode 100644 dev-util/bsdiff/bsdiff-4.3-r4.ebuild
create mode 100644 dev-util/bsdiff/files/bsdiff-4.3-CVE-2014-9862.patch

diff --git a/dev-util/bsdiff/bsdiff-4.3-r4.ebuild b/dev-util/bsdiff/bsdiff-4.3-r4.ebuild
new file mode 100644
index 000000000000..dca682b5364f
--- /dev/null
+++ b/dev-util/bsdiff/bsdiff-4.3-r4.ebuild
@@ -0,0 +1,35 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit flag-o-matic toolchain-funcs
+
+DESCRIPTION="bsdiff: Binary Differencer using a suffix alg"
+HOMEPAGE="https://www.daemonology.net/bsdiff/"
+SRC_URI="https://www.daemonology.net/bsdiff/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="BSD-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos"
+
+RDEPEND="app-arch/bzip2"
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2014-9862.patch"
+)
+
+src_compile() {
+ doecho() {
+ echo "$@"
+ "$@"
+ }
+ append-lfs-flags
+ doecho $(tc-getCC) ${CPPFLAGS} ${CFLAGS} ${LDFLAGS} -o bsdiff bsdiff.c -lbz2 || die "failed compiling bsdiff"
+ doecho $(tc-getCC) ${CPPFLAGS} ${CFLAGS} ${LDFLAGS} -o bspatch bspatch.c -lbz2 || die "failed compiling bspatch"
+}
+
+src_install() {
+ dobin bs{diff,patch}
+ doman bs{diff,patch}.1
+}
diff --git a/dev-util/bsdiff/files/bsdiff-4.3-CVE-2014-9862.patch b/dev-util/bsdiff/files/bsdiff-4.3-CVE-2014-9862.patch
new file mode 100644
index 000000000000..7aab818090d8
--- /dev/null
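Review bot: bzip2 is declared only in `RDEPEND`, yet `src_compile` links both `bsdiff` and `bspatch` with `-lbz2`, so the library and its headers are needed at build time as well. No EAPI derives DEPEND from RDEPEND, so adding `DEPEND="${RDEPEND}"` directly after the RDEPEND line would make the build-time requirement explicit instead of relying on bzip2 already being installed. Separately, every entry in `KEYWORDS` is `~arch`, so the CVE fix reaches stable users only after a later stabilisation; a sentence in the commit message or the linked bug noting that follow-up would help whoever tracks the advisory.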
+++ b/dev-util/bsdiff/files/bsdiff-4.3-CVE-2014-9862.patch
@@ -0,0 +1,15 @@
+diff --git a/bspatch.c b/bspatch.c
+index 8d95633..ab77722 100644
+--- a/bspatch.c
++++ b/bspatch.c
+
+@@ -187,6 +187,10 @@
+ };
+
+ /* Sanity-check */
++ if ((ctrl[0] < 0) || (ctrl[1] < 0))
++ errx(1,"Corrupt patch\n");
++
++ /* Sanity-check */
+ if(newpos+ctrl[0]>newsize)
+ errx(1,"Corrupt patch\n");
--
2.26.2
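Review bot: The added guard rejects negative `ctrl[0]` and `ctrl[1]`, but the retained check `if(newpos+ctrl[0]>newsize)` still adds before it compares, so a very large positive length read from the patch file could overflow the signed sum and pass the bound check. The variable types are declared outside this hunk, so this is inferred from the arithmetic shown. Comparing against the remaining space avoids the addition: `if (ctrl[0] > newsize - newpos)`, and the same form would suit any corresponding `ctrl[1]` check further down in the loop, which is not visible here. The two adjacent `/* Sanity-check */` comments would read better if the new one said what it guards, e.g. `/* Reject negative lengths from the control block */`. The enclosing loop begins and ends outside the hunk.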